forked from yaso_meth/mih-project
add minio and subdomain of nginx
This commit is contained in:
@@ -110,7 +110,7 @@ services:
|
||||
- certbotConf:/etc/letsencrypt
|
||||
- certbotChall:/var/www/certbot
|
||||
#command: certonly --test-cert --webroot -w /var/www/certbot --force-renewal --email yasienmeth@gmail.com -d mzansi-innovation-hub.co.za -d www.mzansi-innovation-hub.co.za --agree-tos
|
||||
command: certonly --webroot -w /var/www/certbot --force-renewal --email yasienmeth@gmail.com -d mzansi-innovation-hub.co.za -d app.mzansi-innovation-hub.co.za -d api.mzansi-innovation-hub.co.za --agree-tos
|
||||
command: certonly --webroot -w /var/www/certbot --force-renewal --email yasienmeth@gmail.com -d mzansi-innovation-hub.co.za -d app.mzansi-innovation-hub.co.za -d api.mzansi-innovation-hub.co.za -d minio.mzansi-innovation-hub.co.za --agree-tos
|
||||
networks:
|
||||
- MIH-network
|
||||
depends_on:
|
||||
|
||||
144
nginx/nginx copy
144
nginx/nginx copy
@@ -1,144 +0,0 @@
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
|
||||
http {
|
||||
server_tokens off;
|
||||
charset utf-8;
|
||||
|
||||
upstream minioUI {
|
||||
least_conn;
|
||||
server minio:9001;
|
||||
}
|
||||
|
||||
upstream minioAPI {
|
||||
least_conn;
|
||||
server minio:9000;
|
||||
}
|
||||
|
||||
# always redirect to https
|
||||
server {
|
||||
listen 80 default_server;
|
||||
|
||||
server_name _;
|
||||
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
http2 on;
|
||||
# use the certificates
|
||||
ssl_certificate /etc/letsencrypt/live/mzansi-innovation-hub.co.za/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/mzansi-innovation-hub.co.za/privkey.pem;
|
||||
server_name mzansi-innovation-hub.co.za;
|
||||
root /var/www/html;
|
||||
index index.php index.html index.htm;
|
||||
|
||||
# To allow special characters in headers
|
||||
ignore_invalid_headers off;
|
||||
# Allow any size file to be uploaded.
|
||||
# Set to a value such as 1000m; to restrict file size to a specific value
|
||||
client_max_body_size 0;
|
||||
# To disable buffering
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
# Web App
|
||||
location / {
|
||||
proxy_pass http://MIH-UX:83/;
|
||||
}
|
||||
|
||||
# API Hub
|
||||
location /api/ {
|
||||
proxy_pass http://MIH-API-Hub:8080/;
|
||||
}
|
||||
|
||||
# phpadmin Dashboard
|
||||
location /phpmyadmin/ {
|
||||
proxy_pass http://MIH-phpmyadmin:8081;
|
||||
}
|
||||
|
||||
# SuperTokens Dashboard
|
||||
location /supertokens/ {
|
||||
proxy_pass http://MIH-API-Hub:8080/auth/dashboard/;
|
||||
}
|
||||
|
||||
#Minio storage
|
||||
location /files/ui/ {
|
||||
rewrite ^/minio/ui/(.*) /$1 break;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-NginX-Proxy true;
|
||||
|
||||
# This is necessary to pass the correct IP to be hashed
|
||||
real_ip_header X-Real-IP;
|
||||
|
||||
proxy_connect_timeout 300;
|
||||
|
||||
# To support websockets in MinIO versions released after January 2023
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
|
||||
# Uncomment the following line to set the Origin request to an empty string
|
||||
# proxy_set_header Origin '';
|
||||
|
||||
chunked_transfer_encoding off;
|
||||
|
||||
proxy_pass http://minioUI/;
|
||||
}
|
||||
|
||||
#Minio storage API
|
||||
location /files/ {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
|
||||
proxy_connect_timeout 300;
|
||||
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection "";
|
||||
chunked_transfer_encoding off;
|
||||
|
||||
proxy_pass http://minioAPI/;
|
||||
}
|
||||
|
||||
# location /phpmyadmin/ {
|
||||
# proxy_pass http://192.168.1.69:8081/;
|
||||
# }
|
||||
|
||||
location ~ /.well-known/acme-challenge/ {
|
||||
root /var/www/certbot;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# events {
|
||||
# worker_connections 1024;
|
||||
# }
|
||||
|
||||
# http {
|
||||
# server_tokens off;
|
||||
# charset utf-8;
|
||||
|
||||
# # always redirect to https
|
||||
# server {
|
||||
# listen 80 default_server;
|
||||
|
||||
# server_name mzansi-innovation-hub.co.za www.mzansi-innovation-hub.co.za;
|
||||
|
||||
# location / {
|
||||
# proxy_pass http://MIH-UX:83/;
|
||||
# }
|
||||
# location ~ /.well-known/acme-challenge/ {
|
||||
# root /var/www/certbot;
|
||||
# }
|
||||
|
||||
# # return 301 https://$host$request_uri;
|
||||
# }
|
||||
# }
|
||||
119
nginx/nginx.conf
119
nginx/nginx.conf
@@ -113,66 +113,87 @@ http {
|
||||
root /var/www/certbot;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# # API Hub
|
||||
# location /api/ {
|
||||
server {
|
||||
listen 80;
|
||||
|
||||
server_name minio.mzansi-innovation-hub.co.za;
|
||||
|
||||
# #Web App
|
||||
# location / {
|
||||
# proxy_pass http://MIH-API-Hub:8080/;
|
||||
# }
|
||||
|
||||
# # phpadmin Dashboard
|
||||
# location /phpmyadmin/ {
|
||||
# proxy_pass http://MIH-phpmyadmin:8081;
|
||||
# }
|
||||
# location ~ /.well-known/acme-challenge/ {
|
||||
# root /var/www/certbot;
|
||||
# }
|
||||
|
||||
return 301 https://minio.mzansi-innovation-hub.co.za$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
http2 on;
|
||||
# use the certificates
|
||||
ssl_certificate /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/privkey.pem;
|
||||
server_name minio.mzansi-innovation-hub.co.za;
|
||||
root /var/www/html;
|
||||
index index.php index.html index.htm;
|
||||
|
||||
# To allow special characters in headers
|
||||
ignore_invalid_headers off;
|
||||
# Allow any size file to be uploaded.
|
||||
# Set to a value such as 1000m; to restrict file size to a specific value
|
||||
client_max_body_size 0;
|
||||
# To disable buffering
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
|
||||
# # SuperTokens Dashboard
|
||||
# location /supertokens/ {
|
||||
# proxy_pass http://MIH-API-Hub:8080/auth/dashboard/;
|
||||
# }
|
||||
location / {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
|
||||
# #Minio storage
|
||||
# location /files/ui/ {
|
||||
# rewrite ^/minio/ui/(.*) /$1 break;
|
||||
# proxy_set_header Host $http_host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
# proxy_set_header X-Forwarded-Proto $scheme;
|
||||
# proxy_set_header X-NginX-Proxy true;
|
||||
proxy_connect_timeout 300;
|
||||
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection "";
|
||||
chunked_transfer_encoding off;
|
||||
|
||||
# # This is necessary to pass the correct IP to be hashed
|
||||
# real_ip_header X-Real-IP;
|
||||
proxy_pass https://minioAPI; # This uses the upstream directive definition to load balance
|
||||
}
|
||||
|
||||
# proxy_connect_timeout 300;
|
||||
location /minio/ui/ {
|
||||
rewrite ^/minio/ui/(.*) /$1 break;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-NginX-Proxy true;
|
||||
|
||||
# # To support websockets in MinIO versions released after January 2023
|
||||
# proxy_http_version 1.1;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
# # Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
|
||||
# # Uncomment the following line to set the Origin request to an empty string
|
||||
# # proxy_set_header Origin '';
|
||||
# This is necessary to pass the correct IP to be hashed
|
||||
real_ip_header X-Real-IP;
|
||||
|
||||
# chunked_transfer_encoding off;
|
||||
proxy_connect_timeout 300;
|
||||
|
||||
# proxy_pass http://minioUI/;
|
||||
# }
|
||||
# To support websockets in MinIO versions released after January 2023
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
|
||||
# Uncomment the following line to set the Origin request to an empty string
|
||||
# proxy_set_header Origin '';
|
||||
|
||||
# #Minio storage API
|
||||
# location /files/ {
|
||||
# proxy_set_header Host $http_host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
# proxy_set_header X-Forwarded-Proto $scheme;
|
||||
chunked_transfer_encoding off;
|
||||
|
||||
# proxy_connect_timeout 300;
|
||||
# # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
|
||||
# proxy_http_version 1.1;
|
||||
# proxy_set_header Connection "";
|
||||
# chunked_transfer_encoding off;
|
||||
proxy_pass https://minioUI; # This uses the upstream directive definition to load balance
|
||||
}
|
||||
|
||||
# proxy_pass http://minioAPI/;
|
||||
# }
|
||||
|
||||
# location /phpmyadmin/ {
|
||||
# proxy_pass http://192.168.1.69:8081/;
|
||||
# }
|
||||
location ~ /.well-known/acme-challenge/ {
|
||||
root /var/www/certbot;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user